Stuff I learned along the way…

Primary Menu

Writing Your First Twitter Application with oAuth

In My current application There is requirement to fetch twitter timeline for the particular user. So I’ve fetched it with the help of Rest API of twitter an oAuth.

OAuth is an open protocol to allow secure API authorization in a simple and standard method from desktop and web applications. In layman’s terms, it is a system by which you can allow a user to authenticate with an OAuth-enabled service without providing you with their credentials to that service.

Why OAuth?

Using OAuth allows you to write applications that access the Twitter API but do not require your users to give you their Twitter username and password. This is important for a variety of reasons:

If the user changes their Twitter login, they do not have to update that information with you for your application to continue working for them

Using OAuth puts the user in control – if they ever wish to stop using your application, they can disable it through Twitter instead of trusting your application to stop using their login information. Once they disable it through Twitter, any requests by your application will require them to manually approve the connection again.

Increased sense of trust, since the user doesn’t have to worry about your application stealing their Twitter credentials and using it for nefarious purposes. I personally wouldn’t trust any web-based application that asks for my Twitter username and password, and given Twitter’s recent history of bad press regarding their security, more and more users are following that lead.

Getting Started – Registering Your Application with Twitter

First of all , you have to register your new application with Twitter. You’ll need a name and url for your application in order to register it, and you’ll need to define a callback url. The callback url is the full url of the page Twitter should send the user to after it’s done authenticating. This file can be named anything you want, but make sure the one you create on your server matches the one you register with Twitter. All of these details can be changed later if you change your mind or need to update something.

Once you’ve registered your application, Twitter will issue you a Consumer Key and a Consumer Secret for your new app. You’ll need these to get your sample code from the Twitter OAuth library working. As you can probably tell by the name, your Consumer Secret should remain private and you should never give it out to anyone. It’s used in your code so that Twitter can identify your application when you’re making API calls.

By forcing you to send your consumer key and secret with your API calls, Twitter is able to determine which application is sending the API calls, and can verify that the Twitter user you are attempting to send API requests on behalf of has actually authorized your application to access their account. If the user decides they no longer want to allow your application, they can edit their allowed application preferences and your application will no longer be able to make API calls on their behalf.

You can access a list of all of the applications you have registered with Twitter – and links to edit their details or view the consumer key and consumer secret – by going to your oauth clients page on Twitter.

The Twitter OAuth PHP Library Code

This library does provide an example script. You need to replace your Consumer Key and a Consumer Secret in confing.php. Please check that callback.php file should be one that we’ve registered with Twitter as being our callback url. We can keep common configuration options such as the consumer key and consumer secret, and database credentials in a config.php file. Now you can run index.php.

Now in your callback.php you can save access_token in database for future request. You can use that access token to call the APIs and you don’t need to enter Twitter user name and password.

Here you can dowanload the whole code from git hub. you just need to put your Consumer Key and a Consumer Secret in config.php and need to check callback url settings it should be demo’s callback.php and than you can run index.php you will get the result.